As I watch the debacle unfold in what is quickly becoming widely known as one of the world’s worst environmental disasters – I watch with interest the actions of Mr. Hayward – the CEO and point man for the BP Company. Since I’ve been working…
Web application contingency plans – the missing link in Web security?
Why are Web applications out of the loop when it comes to contingency planning? Look at any given security incident response or disaster recovery plan (assuming they even exist) and chances are business critical Web applications and related systems are missing. At least that’s what…
Fraud: An Infected Website Is a Commodity
It’s a sad statement to make that anyone can become a hacker; with a few dollars and the right contacts, anyone can “order” an infected website. A simple email will give anyone the means to access credit card numbers, addresses, and all of your personal…
Consider outside of the box for security – It can be exposing
In the past few days, a site selling Durex condoms has had a small ‘exposure’ problem. As reported, the site had been suffering (time length unknown) from several basic security exposures, including even allowing orders to be viewed online, without a login – simply by…
Third Annual Meetings of Heads of Information Systems Security RSSI’2010
Acunetix reseller Hat Web Security Labs will be exhibiting Acunetix WVS at the Third Annual Meetings of Heads of Information Systems Security RSSI’2010. The event will take place between 3rd and 4th of June 2010 at the Cyber Parc Elgazala, Tunis. Click here for more…
Acunetix WVS helps Digicure discover web vulnerabilities
A proper web security audit is a mixture of automated and manual tests; Acunetix WVS provides a comprehensive tool for automated testing purposes and a useful toolbox Digicure can use for manual penetration testing as well. “The most impressive thing about Acunetix Web Vulnerability Scanner must…
SQL Injection hits again; 168,000 personal records exposed
A hacker, who calls himself “ins3cted”, has demonstrated to Webwereld via video how by exploiting a simple SQL injection, he can retrieve 168,000 personal records from a Dutch website called Experience the OV (http://www.ervaarhetov.nl). Citizens living in the provinces of Gelderland, Overijssel and Flevoland are…
Security usability and accessibility
Recently security and accessibility issues have become an important topic to me. Although I had always considered accessibility and more specifically usability important in my designs, since I’m now down to one active hand due to a surgery on the other hand, I am now…
Creating a Web security testing policy
If you’re reading this blog, Web security testing is undoubtedly on your radar. You may have an ongoing process for testing Web vulnerabilities but do you actually have a policy for it? I’m all about keeping things simple with security and, when you think about…